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DETAILED ACTION 

This Action is in regards to the Reply received on 12/05/2006. 

Response to Amendment 

1. This action is responsive to the application filed on 12/05/2006. Claims 15, 23- 
27, 35, 44, 48, 51, and 52 have been amended. Claims 22, 39-34, 39-43, 47, and 50 
have been canceled herein. No claims have been added herein. Therefore claims 15- 
21 , 23-28, 35-38, 44-46, 48, 49, 51 and 52 are now pending in the application, and 
represent a method and apparatus for a "Determining group membership". 

Response to argument 

2. Applicants have presented no arguments with respect to the Previous Rejection 
mainly because claims 22-27, 39, 47, and 50-52 were objected to as being dependent 
upon a rejected based claim and would be allowable if rewritten in independent form 
including all the limitations of the base claim and any intervening claims in the Previous 
Office Action and claims 6, 7 and 15 were indicated allowable if rewritten in independent 
form. 

The Examiner thanks the applicants for amending claims 15, 23-27, 35, 44, 48, 
51 , and 52 to incorporate claims. However, in light of the prior art references resulting 
from an updated search, the Examiner respectfully withdraws the allowability of claims 
15, 35, 44, and 48 (see notice of cited reference PTO form 892 and the rejection of 
claim 1 and 1 1 below). 
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In response to Applicant's arguments, 37 CFR § 1.11 (c) requires applicant to 
"clearly point out the patentable novelty which he or she thinks the claims present in 
view of the state of the art disclosed by the references cited or the objections made. He 
or she must show the amendments avoid such references or objections." 

Claim Rejections - 35 (JSC § 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 15-21, 23-28, 35-38, 44-46, 48, 49, 51 and 52 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Lection et al (hereinafter Lection) U.S. Patent 
No. 6,418,446 in view of Burkett et al (hereinafter Burkett) U.S. Patent No. 6,671,853 
B1. 

Regarding claim 1: Lection discloses the invention substantially as claimed. 
Kavacheri teaches a method for identifying members of a' group (fig. 3A-D), 

comprising the steps of: 

determining dynamic members of a first group based on a rule that defines 

dynamic membership for said first group, wherein said rule is stored in a dynamic rule 
attribute of an identity profile of said first group (column 3, lines 40-57; Note that as a 
rule, will become a group node and that the ID attribute is the ID profile of the 1^' group); 
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storing an identification of each of said dynamic members of said first group 
(column 3, lines 40-57); 

determining nested members of said first group (column 12, lines 31-37); 

storing an identification of each of said nested members of said first group 
(column 13, lines 5-23); 

receiving a request to report members of said first group, said request is 
received subsequent to said step of storing (fig. 3D; column 12, lines 22-38; The output 
DOM tree is similar to the memberhip report stated in the claim); and 

reporting said dynamic members and said nested members of said first group in 
response to said request, said reporting of said dynamic members is performed based 
on said stored identification of said dynamic members and said reporting of said nested 
members is performed based on said stored identification of said nested members (fig. 
3D; column 12, lines 22-51). However, Lection does disclose the details of such group 
members of the first group being dynamic and static members within the nested group 
members. 

In the same field of endeavor, Burkett et al discloses an"... In a first aspect, this 
technique comprises: processing each of a plurality of nodes of an input Document 
Object Model (DOM) tree representing a document to be selectively streamed, wherein 
each of the nodes has either a static indicator or a dynamic indicator associated 
therewith; streaming each of the processed nodes which has the static indicator to a 
serialized binary output stream; and streaming each of the processed nodes which has 
the dynamic indicator to one or more non-binary output files. This technique may 
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further comprise: processing a transition from binary mode to tag mode upon detecting 
a ctiange from processing nodes having the static indicator to processing nodes having 
the dynamic indicator; and processing a transition from tag mode to binary mode upon 
detecting a subsequent mode change wherein the processed nodes had the dynamic 
indicator but now have the static indicator..." [see Burkett; column 4, lines 30-46]. 

Accordingly, it would have been obvious to one of ordinary skill in the networking 
art at the time the invention was made to have incorporated Burkett's teachings of 
using dynamic and static members within the nested group members with the 
teachings of Lection, for the purpose of improving the ability of a network "...to provide 
a technique should to overcome known performance problems that result when parsing 
large documents, without introducing new performance inefficiencies..." as stated by 
Burkett in lines 6-8 of column 4. By this rationale, claim 1 is rejected. 

Regarding claims 16-21, 23-28, 35-38, 44-46, 48, 49, 51 and 52 the 
combination Lection- Burkett discloses: 

16. (Previously Presented) A method according to claim 15, wherein: 
said first group includes one or more static members [see Burkett; column 4, 

lines 30-46]. 

an identification of each of said static members is stored in a static member 
attribute for said identity profile of said first group; and said identification of each of said 
dynamic members is stored in said static member attribute for said identity profile of 
said first group [see Burkett; column 4, lines 30-65]. 

17. (Previously Presented) A method according to claim 15, wherein: 
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said first group includes one or more static-members [see Burkett; column 4, lines 
30-461 

an identification of each of said static members is stored in a static member 
attribute for said identity profile of said first group [see Burkett; column 4, lines 30-65]; 
said identity profile of said first group also includes an expansion attribute; and 
said method can only be performed if said expansion attribute includes an 
appropriate value (see Lection; column 3, lines 40-57; column 13, lines 5-23). 

1 8. (Previously Presented) A method according to claim 1 7, wherein: 
said method can only be performed for an entity having access to said 

expansion attribute and said dynamic rule attribute [see Burkett; column 4, lines 30-65]. 

19. (Original) A method according to claim 15, wherein: 

said steps of determining and storing are automatically repeated (see Lection; 
column 3, lines 40-57; column 13, lines 5-23). 

20. (Original) A method according to claim 1 5, wherein: 

said steps of determining, storing and receiving are performed by an 
integrated identity and access system (see Lection; column 3, lines 40-57; column 13, 
lines 5-23). 

21 . (Original) A method according to claim 20, wherein: 

said integrated identity and access system is capable of performing 
authorization services based on membership in said first group. 

23. (Currently Amended) A method according to claim -2-g 15, wherein: 
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said nested members include members of multiple levels of nested groups. 
24. (Currently Amended) A method according to claim -2-2 15, wherein: 

said step of determining nested members includes recursively determining 
members of group members. 

25. (Currently Amended) A method according to claim -2-2 15, wherein: 
said first group includes one or more static members ; and 

said step of reporting includes reporting said static members [see Burkett; 
column 4, lines 30-6 5\. 

26. (Currently Amended) A method according to claim 1 5, wherein said 
step of determining nested members includes the steps of: 

determining all static group members of said first group [see Burkett; column 4, 
lines 30-65\. 

determining all static and dynamic members of said static group members of said 
first group [see Burkett; column 4, lines 30-65\; 

determining all static group members of said static group members of said first 
group; anddetermining all members of said static group members of said static group 
members of said first group [see Burkett; column 4, lines 30-65\. 

27. (Currently Amended) A method according to claim 1 5 wherein: 

said first group and nested groups of said first group include rules defining 
criteria for being dynamic members [see Burkett; column 4, lines 30-65\; and 

said step of determining dynamic members includes the steps of 
determining a normalized set of said rules and determining which users are defined by 
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said normalized set of said rules, said users defined by said normalized set of said 
rules are said dynamic members of said first group (see Lection; column 3, lines 40- 
57). 

28. (Original) A method according to claim 1 5, wherein: 
said first group includes one or more static members; and 
said step of reporting includes reporting said static members [see Burkett; 
column 4, lines 30-65\. 

35. (Currently Amended) One or more processor readable storage devices 
having processor readable code embodied on said processor readable storage 
devices, said processor readable code for programming one or more processors to 
perform a method comprising the steps of: 

determining dynamic members of a first group based on a rule that defines 
dynamic membership for said first group, wherein said rule is stored in a dynamic rule 
attribute of an identify profile of said first group [see Lection column 3, lines 40-57; see 
Burkett; column 4, lines 30-46]; 

storing an identification of each of said dynamic members of said first group 
(column 3, lines 40-57); 

determining nested members of said first group, said nested members include 
members of multiple levels of nested groups (see Lection; column 12, lines 31-37); 

storing an identification of each of said nested members of said first group 
(see Lection; column 13, lines 5-23); 
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receiving a request to report members of said first group, said request is 
received subsequent to said step of storing (see Lection; fig. 3D; column 12, lines 22- 
38); and 

reporting said dynamic members and said nested members of said first group 
in response to said request, said reporting of said dynamic members is performed 
based on said stored identification of said dynamic members and said reporting of said 
nested members is performed based on said stored identification of said nested 
members [see Lection; fig. 3D; column 12, lines 22-51; see Burkett; column 4, lines 30- 
46]. 

36. (Original) One or more processor readable storage devices according to 
claim 35, wherein: 

said first group includes one or more static members; and said step of reporting 
includes reporting said static members [see Burkett; column 4, lines 30-65], 

37. (Original) One or more processor readable storage devices according to 
claim 36, wherein: 

said steps of determining and storing are automatically repeated. 
38. (Original) One or more processor readable storage devices according to 
claim 36, wherein: 

said steps of determining, storing and receiving are performed by an 
integrated identity and access system(see Lection; column 3, lines 40-57). 

44. (Currently Amended) An apparatus that can determine members of a 
group, comprising: 
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a communication interface (see Lection; fig. 1, items 16 and 22); and 

one or more processors in communication with said communication interface 

(see Lection; fig. 1, item 12), said one or more processors perform a method comprising 

the steps of: 

determining dynamic members of a first group based on a rule that defines 
dynamic membership for said first group, wherein said rule is stored in a dynamic rule 
attribute of an identity profile of said first group and said first group includes one or more 
static members (see Lection column 3, lines 40-57 see Burkett; column 4, lines 30-46), 
storing an identification of each of said dynamic members of said first 
group [column 3, lines 40-57;see Burkett; column 4, lines 30-46], 

determining nested members of said first group, said nested members 
include members of multiple levels of nested groups (see Lection; column 12, lines 31- 

37) ; 

storing an identification of each of said nested members of said first group 
(see Lection; column 13, lines 5-23); 

receiving a request to report members of said first group, said request is 
received subsequent to said step of storing (see Lection; fig. 3D; column 12, lines 22- 

38) , and 

reporting said static members said dynamic members, and said nested 
members of said first group in response to said request, said reporting of said 
dynamic members is performed based on said stored identification of said dynamic 
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members and said reporting of said nested members is performed based on said 
stored identification of said nested members [see Burkett; column 4, lines 30-46]. 

45. (Original) An apparatus according to claim 44, wherein: 

said steps of determining and storing are automatically repeated (see Lection; column 
3, lines 40-57). 

46. (Original) An apparatus according to claim 44, wherein: 

said steps of determining, storing and receiving are performed by an integrated 
identity and access system (see Lection; column 3, lines 40-57).. 

48. (Currently Amended) An integrated identity and access system 
comprising: 

an identity system adapted to determine dynamic members of a first group 
based on a rule that defines dynamic membership for said first group, wherein said rule 
is stored in a dynamic rule attribute of an identity profile of said first group, store an 
identification of each of said dynamic members of said first group, determine nested 
members of said first group (see Lection; column 12, lines 31-37), store an 
identification of each of said nested members of said first group (see Lection; column 
13, lines 5-23), receive a request to report members of said first group, said request is 
received subsequent to said step of storing, and report said dynamic members and said 
nested members of said first group in response to said request(see Lection; fig. 3D; 
column 12, lines 22-38), said reporting of said dynamic members is performed based on 
said stored identification of said dynamic members and said reporting of said nested 
members is performed based on said stored identification of said nested members [see 
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Lection column 3, lines 40-5; column 3, lines 40-57; see Burkett; column 4, lines 30-46]; 
and 

an access system adapted to perform authentication services based on 
membership in said first group (see Lection; column 1, lines 43-65). 

49. (Previously Presented) The integrated identity and access system of claim 
48, wherein: 

said first group includes one or more static members [see Burkett; column 4, 
lines 30-65\; 

an identification of each of said static members is stored in a static member 
attribute for said identity profile of said first group [see Burkett; column 4, lines 30-65]; 
and said identification of each of said dynamic members is stored in said static member 
attribute for said identity profile of said first group (see Lection; column 3, lines 40-57; 
column 13, lines 5-23). 

51 . (Currently Amended) The integrated identity and access system of claim 
48, wherein the identity system, is adapted to determine nested members by: 

determining all static group members of said first group [see Burkett; column 4, 
lines 30-65]; 

determining all static and dynamic members of said static group members of 
said first group [see Burkett; column 4, lines 30-65]; 

determining all static group members of said static group members of said first 
group; anddetermining all members of said static group members of said static group 
members of said first group [see Burkett; column 4, lines 30-65]. 
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52. (Currently Amended) The integrated identity and access system of claim 
48, wherein said first group and nested groups of said first group include rules defining 
criteria for being dynamic members and the identity system is adapted to determine 
dynamic members by determining a normalized set of said rules and determining which 
users are defined by said normalized set of said rules, said users defined by said 
normalized set of said rules are said dynamic members of said first group [see Burkett; 
column 4, lines 30-65]. 
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Conclusion 

5. THIS ACTION IS MADE NON-FINAL Any inquiry concerning this 
communication or earlier communications from examiner should be directed to Jude 
Jean-Gilles whose telephone number is (571) 272-3914. The examiner can normally be 
reached on Monday-Thursday and every other Friday from 8:00 AM to 5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David Wiley, can be reached on (571) 272-3923. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (571) 272- 
9000. 

Jude Jean-Gilles 
Patent Examiner 
Art Unit 2143 




JJG 

February 07, 2007 



